Sample viewer

vx.netlux.org/Trojan.DOS.MungaBunga

GIF

Syscalls:

Time	Syscall Op	Syscall Name
2018-12-17T22:52:37.194889302Z	74	PC: 12b06 \| Reallocate memory
2018-12-17T22:52:37.19703987Z	64	PC: 12b5f \| Write file or device (Write 4 bytes on handle 2)
2018-12-17T22:52:37.200183288Z	64	PC: 12b5f \| Write file or device (Write 4 bytes on handle 2)
2018-12-17T22:52:37.203248133Z	64	PC: 12b5f \| Write file or device (Write 4 bytes on handle 2)
2018-12-17T22:52:37.206543963Z	9	PC: 14743 \| Display string (String= '[2J')
2018-12-17T22:52:37.208964347Z	64	PC: 12b5f \| Write file or device (Write 4 bytes on handle 2)
2018-12-17T22:52:37.211941485Z	2	PC: 12b6f \| Character output (Char = '50')
2018-12-17T22:52:37.215406756Z	2	PC: 12b6f \| Character output (Char = '4c')
2018-12-17T22:52:37.217930855Z	2	PC: 12b6f \| Character output (Char = '45')
2018-12-17T22:52:37.22037824Z	2	PC: 12b6f \| Character output (Char = '41')
2018-12-17T22:52:37.223038648Z	2	PC: 12b6f \| Character output (Char = '53')
2018-12-17T22:52:37.225926494Z	2	PC: 12b6f \| Character output (Char = '45')
2018-12-17T22:52:37.228265944Z	2	PC: 12b6f \| Character output (Char = '20')
2018-12-17T22:52:37.230872437Z	2	PC: 12b6f \| Character output (Char = '57')
2018-12-17T22:52:37.233898836Z	2	PC: 12b6f \| Character output (Char = '41')
2018-12-17T22:52:37.236176952Z	2	PC: 12b6f \| Character output (Char = '49')
2018-12-17T22:52:37.246769563Z	2	PC: 12b6f \| Character output (Char = '54')
2018-12-17T22:52:37.249856963Z	2	PC: 12b6f \| Character output (Char = '20')
2018-12-17T22:52:37.252200185Z	2	PC: 12b6f \| Character output (Char = '57')
2018-12-17T22:52:37.254185048Z	2	PC: 12b6f \| Character output (Char = '48')
2018-12-17T22:52:37.257088996Z	2	PC: 12b6f \| Character output (Char = '49')
2018-12-17T22:52:37.259910725Z	2	PC: 12b6f \| Character output (Char = '4c')
2018-12-17T22:52:37.261957931Z	2	PC: 12b6f \| Character output (Char = '45')
2018-12-17T22:52:37.268122939Z	2	PC: 12b6f \| Character output (Char = '20')
2018-12-17T22:52:37.270153015Z	2	PC: 12b6f \| Character output (Char = '50')
2018-12-17T22:52:37.272219004Z	2	PC: 12b6f \| Character output (Char = '52')
2018-12-17T22:52:37.274899645Z	2	PC: 12b6f \| Character output (Char = '4f')
2018-12-17T22:52:37.276866781Z	2	PC: 12b6f \| Character output (Char = '47')
2018-12-17T22:52:37.278726024Z	2	PC: 12b6f \| Character output (Char = '52')
2018-12-17T22:52:37.282091984Z	2	PC: 12b6f \| Character output (Char = '41')
2018-12-17T22:52:37.284570436Z	2	PC: 12b6f \| Character output (Char = '4d')
2018-12-17T22:52:37.287145797Z	2	PC: 12b6f \| Character output (Char = '20')
2018-12-17T22:52:37.290204251Z	2	PC: 12b6f \| Character output (Char = '4c')
2018-12-17T22:52:37.292298322Z	2	PC: 12b6f \| Character output (Char = '4f')
2018-12-17T22:52:37.294717302Z	2	PC: 12b6f \| Character output (Char = '41')
2018-12-17T22:52:37.297918552Z	2	PC: 12b6f \| Character output (Char = '44')
2018-12-17T22:52:37.300424422Z	2	PC: 12b6f \| Character output (Char = '53')
2018-12-17T22:52:37.302787048Z	2	PC: 12b6f \| Character output (Char = '20')
2018-12-17T22:52:37.30613548Z	2	PC: 12b6f \| Character output (Char = '2e')
2018-12-17T22:52:37.308296261Z	2	PC: 12b6f \| Character output (Char = '20')
2018-12-17T22:52:37.310344714Z	2	PC: 12b6f \| Character output (Char = '2e')
2018-12-17T22:52:37.312671007Z	2	PC: 12b6f \| Character output (Char = '20')
2018-12-17T22:52:37.316729338Z	2	PC: 12b6f \| Character output (Char = '2e')
2018-12-17T22:52:37.320021324Z	2	PC: 12b6f \| Character output (Char = '0d')
2018-12-17T22:52:37.321980278Z	2	PC: 12b6f \| Character output (Char = '0a')
2018-12-17T22:52:37.326089917Z	60	PC: 12b89 \| Create or truncate file
2018-12-17T22:52:37.332256563Z	69	PC: 12ba7 \| Duplicate handle
2018-12-17T22:52:37.334287312Z	70	PC: 12bb2 \| Redirect handle
2018-12-17T22:52:37.345444275Z	64	PC: 12b5f \| Write file or device (Write 4 bytes on handle 2)
2018-12-17T22:52:37.348572245Z	41	PC: 12c13 \| Parse filename
2018-12-17T22:52:37.35013759Z	41	PC: 12c1b \| Parse filename
2018-12-17T22:52:37.35231729Z	75	PC: 12c37 \| Execute program
2018-12-17T22:52:37.373642186Z	80	PC: 171d9 \| Set current PSP
2018-12-17T22:52:37.374659748Z	48	PC: 171de \| Get DOS version
2018-12-17T22:52:37.377508768Z	99	PC: 1d9c0 \| Get DBCS lead byte table pointer
2018-12-17T22:52:37.380328471Z	101	PC: 17264 \| Get extended country info
2018-12-17T22:52:37.381448969Z	99	PC: 1726a \| Get DBCS lead byte table pointer
2018-12-17T22:52:37.38336463Z	74	PC: 172cc \| Reallocate memory
2018-12-17T22:52:37.384429243Z	25	PC: 17303 \| Get default drive
2018-12-17T22:52:37.385292616Z	37	PC: 16dc3 \| Set interrupt vector (Interrupt = '34' AKA 'Random write')
2018-12-17T22:52:37.386726426Z	37	PC: 16dca \| Set interrupt vector (Interrupt = '35' AKA 'Get file size in records')
2018-12-17T22:52:37.38771256Z	37	PC: 16dd1 \| Set interrupt vector (Interrupt = '36' AKA 'Set random record number')
2018-12-17T22:52:37.39060482Z	74	PC: 15f6c \| Reallocate memory
2018-12-17T22:52:37.392126091Z	72	PC: 15fad \| Allocate memory
2018-12-17T22:52:37.393291274Z	72	PC: 15fe5 \| Allocate memory
2018-12-17T22:52:37.394539874Z	72	PC: 15fed \| Allocate memory